package com.llmcu.source.security.shiro.shiro04;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.realm.AuthenticatingRealm;
import org.apache.shiro.util.ByteSource;

/**
 * xxxx
 *
 * @author liuling
 * @date 2024-12-30 14:49
 */
public class MyRealm extends AuthenticatingRealm {
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        // 1.获取身份信息
        String principal = token.getPrincipal().toString();
        // 2.获取凭证信息
        String credential = new String((char[]) token.getCredentials());

        // 3.数据库查数据判断
        if("zhangsan".equals(principal)){

            // 3.1数据库存储的加盐3次的密码
            String pwdInfo = "f30920d4b91cad809c438a2c904b96aa";

            SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(
                    token.getPrincipal(),
                    pwdInfo,
                    ByteSource.Util.bytes("customSaltValue"),
                    token.getCredentials().toString()
            );
            return info;
        }

        return null;
    }
}
